updated 02:30 pm EDT, Tue August 5, 2014

SynoLocker demanding 0.6 bitcoin to release encrypted data

[Updated with additional info] Network attached storage device manufacturer Synology is reporting that a new form of malware is spreading to some of its customers. Dubbed the SynoLocker cryptoware, the malware encrypts data on the network peripheral, and the perpetrators are demanding 0.6 bitcoin ($350) to get the key to retrieve the files.

Not much has been made public as of yet. Synology devices with DSM 4.3-3810 and below are known to be vulnerable, with no evidence of DSM 5.0 being susceptible to the problem. It is not known if Synology was aware of the flaw before devices became encrypted as a result of the attack.

Synology is recommending that users disconnect the NAS from the Internet, as well as upgrade the systems to the latest version. Additionally, users are being told to backup crucial data, in case the NAS is infected in the future.

It is unlikely that the perpetrators left a "back door" for file decryption. Users that do not pay the ransom may have lost the involuntarily encrypted data.

(updated 17:30EST with more specifics on what versions of DSM are affected by the problem)